Trojan/Hijacking/Reboot Issues

Discussion in 'Malware Help (A Specialist Will Reply)' started by cpc123, Oct 14, 2011.

  1. cpc123

    cpc123 Private E-2

    Recently Firefox has been hijacked to various websites when googling. When I rebooted the computer it rebooted over and over, not getting past the startup screen. I opted to run the repair (it did not offer to start in safe mode) and the only way I could boot is to restore. I ran AVG and found Trojan Horse Dropper.Agent.ARYN. I have tried to download and run what I can in the "read this first" section, but am unable to download programs that require rebooting, which, of course is most!

    HELP!!
     
    cpc123, Oct 14, 2011
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Downloading programs does not require a reboot, so I assume what you meant is running scanning programs that require a reboot?

    MGtools does not require a reboot so run it and attach the requested log. Also run the below:

    Please also download MBRCheck to your desktop.

    See the download links under this icon http://forums.majorgeeks.com/chaslang/images/MGDownloadLoc.gif
    • Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)
    • It will show a Black screen with some information that will contain either the below line if no problem is found:
      • Done! Press ENTER to exit...
    • Or you will see more information like below if a problem is found:
      • Found non-standard or infected MBR.
      • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
    • Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
    • MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.
    • Attach this log to your next message. (See: HOW TO: Attach Items To Your Post )

    Now goto the below link and follow the instructions for running TDSSKiller from Kaspersky
    • Be sure to attach your log from TDSSKiller
     
    chaslang, Oct 14, 2011
    #2
  3. cpc123

    cpc123 Private E-2

    Sorry! meant install... here are logs.
    Thank you for helping! :)
     
    cpc123, Oct 15, 2011
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.
    SUPERAntiSpyware, RootRepeal, and MGtools do not require a reboot to install. In fact RootRepeal and MGtools do not really even install, you just run them after you download them and they create their logs....no reboot required. ComboFix will force a reboot after running it but only if something is found that needs to be deleted.

    You did not attach any logs.
     
    chaslang, Oct 15, 2011
    #4
  5. cpc123

    cpc123 Private E-2

    Sorry... I don't know why they didn't attach. But I am out of luck now because the
    computer will not boot at all and fails when I try to run recover and gives me no choice but to shut down
     
    cpc123, Oct 17, 2011
    #5
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You will likely have to work on this in the Software Forum to repair Windows or reinstall.

    What did you do that caused your status to change?

    Did you try booting in safe mode? What about last known good configuration?

    What version of Windows are you using?
     
    chaslang, Oct 17, 2011
    #6

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds